Even if you find something you believe to be secure I expect your paranoia will have a limiting effect on your brain when journaling, so I'd recommend paper. The inability to edit paper also seems to have a freeing effect on the mind, it limits my need for perfection. The fact that I'm not sitting at a distraction machine while journaling is helpful as well.

It took me quite a while to come to this conclusion personally. I lean very heavily toward electronic solutions to things.

If you want it to be searchable, write relevant notes in the margins and/or use the little colored sticky "flags" that stick out a bit to categorize entries.

Thanks! That's certainly an interesting conclusion.

Unfortunately, I want to make a journal in the vein of https://news.ycombinator.com/item?id=2918935 -- partly a reason why I rejected paper (limit to word, and probably not suitable for the amount of data that is being stored).

Take a look at ecrypt-fs, which lets you mount a file system that looks to your OS like a regular directory and is actually backed by another regular directory, except that second regular directory includes cyphertext only. You can have the cyphertext directory live in Dropbox if you want to. (Don't put the unencrypted directory there, naturally, as that results in Dropbox slurping in the plain text.)

When you want to write or read the journal, provide the passphrase and mount it. When you don't, unmount it. You can do this automatically on boot if you're willing to accept the possibility of being tackled by an FBI agent then having your work journal for Silk Road read out in open court.

A second option: use full-disk encryption (same "vulnerable to a football tackle" problem). For backups, just use Tarsnap.

The bigger problem is being infected by a trojan. You have all the time in the world to get infected, but would only take a single time when your files are unencrypted to expose them.

An even bigger problem is Dropbox being the trojan, which is why I disagree with the "ecrypt-fs + dropbox" solution. We live in a world where Internet searches like "dropbox condoleezza rice" and "dropbox prism" are incredibly unflattering.

I am amazed no one suggested a simple GPG operation.

Generate a keypair on an airgapped machine, keep the private part on a secure external medium (eg. CF Card in a bank safe).

Have the public key on your normal machine, write your journal in normal text files (use a ramfs if you worry about it being restored by forensics) and encrypt against the public journal key. Decryption is only possible with the private part, the public part can even be, well, public. :)

First you have to ask yourself - do I want someone to be able to read that journal after I'm gone. If yes, go with a pen and paper. Since we can safely assume that you spend more time in front of the computer than writing stuff with a pen, it will be a really nice experience, almost mystical.

One minor thing to add - consider fountain pens and good paper. That alone can push the thoughts come to paper way easier than other means, and will let you have richer "micro-expressions"/mental bookmarks in your handwriting.

I know it's offtopic, but wanted to mention in case it helps someone.

I too would advocate quality pen and paper for much the same reasons I would advocate a quality keyboard, better technology makes writing easier. Over the years, I've found that the ceremony of the pen (and to a lesser extent paper) improves the writing ritual upon which the habit of writing in general and journaling in particular depend.

Yet for me, a fountain pen is too much impedance. That much ceremony gets in my way. Today, I use a particular model/brand of gel pen. The ink is blue. The milestone of running another one dry feels good; throwing the husk away less so. But replacement guts don't exist. Ultimately, my journals are equivalently disposable once full but for the meaning that I attach.

Despite their costing more than I think they should, I go to the store and purchase four packs of replacement pens. It's a ritual that requires me to give myself permission to do something so frivolous as writing. Spending money on it reinforces the point.

   I buy these pens for this purpose.

The purpose is not the pens. It is the writing. Technology facilitates it. I have a journal for which I purchased a particular instrument. The journal has a protective leather cover. It's too sacred. What happens when I fill it up?

I use Moleskine journals. Hard bound. Ruled in blue. They cost too much. Tools of ceremony are present, implemented without frills. The elastic band pulled aside, intimate contents exposed. The important page at the end of last use, indexed by the ribbon.

Journals fill quickly when writing regularly. The ending of one is a rite rife with anticipation of beginning the filling anew.

I'd also like to add that if fountain pens are too much of a hassle, it's worth trying out some of the nicer ballpoint type pens. Rather than settling for a cheap, scratchy biro or whatever. Personally I find these to be very nice indeed: https://www.google.com/search?q=UB-157

What fountain pen would you recommend for a beginner trying to relearn how to use anything different then the keyboard? :)

Here are a few affordable pens:

- Lamy Safari/Vista

- Kaweco Sport

- Pilot Metropolitan

- Parker Vector

- Tesco's if you can find them; $0.5 but write fairly well

The interesting part about fountain pens is customization: you can choose between different nib widths, type of paper and quality of ink. After some time you will notice significant difference if you go back to ballpoint/gel pens.

If you're interested, check out Fountain Pen Network:

http://www.fountainpennetwork.com/forum/

Parker Vector quickly becomes scratchy, in my experience. Lamys are great.

I'd recommend a Noodler's Ahab ($23.66 on Amazon). What makes it fun is that the nib is flexible, allowing broader or thinner strokes depending on pressure. Plus, its a pen built to be hacked. After a while you can cut the feeding unit to your liking, making ink flow more or less.

I got into re-learning to write a bit over a year ago. I was a clumsy left hander with great keyboard skills but terrible handwriting. Take a look at IAMPETH, they have tons of material on vintage writing styles. I even followed Spencerian methods from the the nineteenth century.

Pilot Varsity. They're disposable, come in packs of 3 on up, and are about $3 each.

They also have some of the best nibs for the price point (so good there's a number of people who have developed and published hacks on how to refill them).

http://www.amazon.com/Pilot-Varsity-Disposable-Fountain-Medi...

/r/fountainpens[1] have a lot of useful info on choosing a good pen and getting started.

[1]: http://www.reddit.com/r/fountainpens

Why would you want to transfer data between some two machines? You're inviting problems right there.

You have to have a totally separate machine that:

1) you never ever connect to the internet, even for updates or installation of a cooler writing app

2) you never ever move data in or out - disable all data ports, especially USB and WiFi, at the very least in BIOS, preferably by physically disconnecting them inside.

3) you need to be able to inspect and modify that machine yourself (see pt 2), so pick something serviceable, like a ThinkPad (definitely not a Mac or anything unibody)

4) use an open-source operating system

5) obviously use full encryption - you'll get plenty of others' advice on that; use strong BIOS password both for boot and config

6) you probably don't want to spend a lot of money on a machine that's just a diary, so get a used ThinkPad. Depending on your preferred size, an X or T family. The _20 series is the last with a proper keyboard. So my suggestions would be X220, T420 or T520. (Or something older, if you don't care that much about performance, which is reasonable for what's essentially a typewriter. I guess you could get a working T400 (last of core2duos) for like $150.)

7) you make an exception for the "no data in or out" rule at the very beginning when you set up the OS and all needed apps - since there's no data (diary entries) to lose yet

I need to transfer data between the machines because I want to be able to store different type of data: it's not just "journal" in the normal sense of the word, I plan to store things that pertain to my life (ie more media type than just text, and also not always info in the form of text that I can just type in).

At the very least, the need for backup will require a data transfer between machine.

My solution is a bit of work, but it was rewarding when I did it. I was looking to start learning another language, so I started journal. After about 4 months of 45 minutes a day, I was able to write in a pretty obscure language (in this case Irish) and I had the perfect encryption for my journal.

Google translate is very poor for Irish and since only ~250,000 in the world speak/read it well enough to translate and 90% of those people are on an island it works quite well.

That's not encryption at all.

Encryption is defined as:

"the process of encoding messages or information in such a way that only authorized parties can read it."

It may not be a secure form of encryption, but it is a form of encryption.

It would be pretty effective against the random passer by, and standard law enforcement would probably not be able to identify the language.

Plus, virtually any encryption a user has can be broken given time and processing power. By hand writing everything in another obscure language, without many native speakers you gain plausible deniability. If he/she manages to get on a list, he/she could claim issues with translation (either by him/her or by the translator).

If by "authorized parties" you mean anyone who speaks Irish, then yes. This is security by obscurity.

How did you start learning Irish? There are not many resources online...

The Irish government has a lot of resources:

[1] NEWS: http://www.tg4.ie/

[2] Rosetta Stone: http://www.rosettastone.com/learn-irish

[3] Folclóir Póca (pocket dictionary)

[4] Learning Irish by Mícheál ó Siadhail

Now they also have it on Duolingo

Go maith ar fad

I've kept a digital journal for almost two years now, honestly I had the same fear at the beginning but my work and side-projects (which is what I keep there, plus ideas and QS-style observations) are nothing I feel embarassed about.

In fact, this has been an excellent exercise to cultivate writing and I'd like to publish some of these things one day, in longer and polished form.

I'd suggest to just start your journal, this sounds like "premature optimization".

I already have a journal/note (digital) that I used to store relevant information about work, idea etc. The problem is that I want to start writing more personal note down (similar to this https://news.ycombinator.com/item?id=2918935) :-).

Fascinating, this guy and gwern would get along well.

However, the first word that comes to me for this behavior is... hoarding, who would ever look at all of this stuff?

Not judging or anything, but I feel that all this effort directed backwards (at the past) would have so much more impact if pointed forwards (making new things).

Since I started mine, every december 31st I read my journal for the past year and I feel like I am writing too much stuff already.

This is pushing me to make a conscious effort to recognize, in 'real time', what is important and what isn't, I find that to be a great exercise in mindfullness.

I agree that the issue about hoarding is true. In my context, I'm actually thinking about more of a personal system that happens to have journal as part of it (and to do list, and personal knowledge etc.). Partly a reason why I think the spare machine is not a good idea (processing data on it would be a hassle), and why paper doesn't work.

So, my solution to this has been to go back to paper. I switched to a text file for a few years thinking that it would be more convenient, backup-able and I would be encouraged to write more. After I switched to the paper journal I remembered how satisfying seeing my handwriting on paper was and how motivating the sight of the journal filling up was. I've managed to discipline myself to spend a few nights each week writing in it.

One way to keep away the electronic snoopers is to use a paper journal and secure it physically by putting it in a safe. Paul Saffo's inspirational comments are worth reading: http://www.saffo.com/02005/07/13/on-keeping-a-journal/ and http://www.saffo.com/02005/09/28/illustrating-a-journal/.

There is something very different writing on paper in a bound journal when compared to writing on a computer or event a paper notebook. It seems to provoke careful thought and contemplation. And discipline. Lots of discipline.

Have you had a look at jrnl? [1]

It's a command line journal and has inbuilt (optional) encryption [2]. I keep my encrypted journal file in my ~/Dropbox folder so that it syncs between my different machines. It's so simple, yet it meets all of my needs perfectly. It also doesn't rely on any proprietary software and will be just as readable in 50 years.

[1] - http://maebert.github.io/jrnl

[2] - http://maebert.github.io/jrnl/encryption.html

I use pass [0]. It is a great password manager (and I use it for that), but it also works great as a journal. I use a different GPG key for the journal than the passwords. Writing in the journal is as simple as

    pass edit journal/201501

and vim opens up with this month's file. It is safe to back up, as everything is encrypted with GPG. You just need to make sure your key is safe.

[0]: http://www.passwordstore.org/

One problem with pass is that you leak the names of your accounts. Or you encode them, and use random ones, which spoils the utility.

If you're on OS X, use Disk Utility to make an encrypted disk image of a few hundred megabytes. When you want to edit the data, mount it, then unmount when you're done.

It won't secure you against everything, but it'll certainly secure against the casual observer. It's also probably better than the no-longer-supported Truecrypt.

While I agree this is the best quick option for people on OS X I hate that the options for using multiple devices (laptop/mobile) are self-hosted and/or self-written software. Apps like DayOne are very cool (both OS X and iOS clients are a joy to use overall) but there is no encryption, all your entries are stored in plain text. I'd love a halfway decent cross platform encryptable journalling app using icloud/dropbox to sync encrypted files but I haven't found one yet.

Very long to reply, but SpiderOak might suit your needs. It's a Dropbox competitor that uses strong local encryption to ensure that only you can decrypt your data. They have apps - poor performance but for text files should be ok.

Thanks for the reply! I've heard of SO before but I'll check it out!

And even better, you can put this on Dropbox or whatever, and it'll remain secure but be accessible on all your OS X devices.

This is what I do.

My passwords live in the same container too.

In case any of you keeps a real world journal in a notebook or something, I'd like to learn how do you keep it safe.

My solution http://notational.net It has an option to encrypt all the notes and provides a really simple interface to write/read and search notes. It uses OS X crypto, so I don't know how secure it really is. But for something basic, it works very well.

Ready for a super paranoid method which provides a tiny bit of protection against the tackle method?

A Tails (The AmnesIac Live oS) USB stick with a small persistent storage drive. The OS is read-only, the persistent drive is encrypted at rest, and it provides a number of utilities for viewing and creating different media files. The entire network stack runs through Tor as well, so your browsing habits while building your journal will be protected (and you can safely store hyperlinks to items without fear of them revealing your interest).

The minor tackling protection comes from Tails behavior when the media containing it is removed - it immediately unmount and overwrites the OS memory.

As for the journaling tool itself, something along the lines of a disk based wiki might work well (i.e. Tiddlywiki).

I used to keep a diary this way, and eventually decided on using an encrypted Word document. The encryption in Office used to be very weak in early versions, but it's much better these days.

In recent versions of Office (from 2007 onwards, using the DOCX format), by default it uses AES in CBC mode, with an SHA-1 based key derivation function [1].

So with a sufficiently complex password your documents will be resistant to cracking. But of course you are still vulnerable to keyloggers and the like.

[1] https://msdn.microsoft.com/en-us/library/office/cc313071(v=o...

Which method are you referring to when you said "I used to keep a diary this way"? An air gap computer?

No, just encrypting the data. Anything more would have seemed excessive for my use case.

Another angle to consider: If this is for YOU, you can talk about it in a way that makes notes meaningful to you but of little use to other people. You can come up with, say, code words or nicknames for people important to you and not state whom you really mean in a way that could be identified by just anybody on the planet. For example, come up with a nickname for a sibling or parent, but don't state that it is a sibling or parent.

With some practice, you can get good at saying things YOU find meaningful about your life that strangers are unlikely to fully decode.

From a strictly legal point of view: Paper, ink, and a safe. These are kept on your person and/or in your house and require a court order to access against your will. Expanding a bit, there is nothing that stops you from using local encryption to write to archival media. The problem with anything short of paper in a climate controlled system (and even with...) will degrade over time. Humanity has centuries of experience preserving and restoring ink on paper. We have quite a bit less experience salvaging anything else.

This is not a question about journaling; this is just a question about encrypting data.

There are tons of ways to do it that meet your threat model.

You can just use a linux machine with disk encryption.. it happens by magic if you click the option for 'encrypt my home directory' when installing ubuntu.

You can use bitlocker (also built in) in windows.

If you happen to use VIM, it has built in encryption as well that is extremely simple to use.

Other options would be something like pgp, or pen and paper and a lockbox.

Have you considered installing a VM and writing your journal there? It can be totally made air-gap (although I suppose "virtually") and you can encrypt your VM session file in TrueCrypt. It seems to be keyloggers could still compromise your privacy, but if they can keylog you, then everything you have digitally is compromised anyway.

I use org-mode for occasional journaling and have it configured to automatically encrypt the entry with my gpg key on save.

You can put pretty much anything into a Truecrypt partition, which is just a file on the external (host) OS. Now keep that file in Dropbox/Drive/Some other cloud storage for backup.

Except for the whole TrueCrypt-abandonment-and-scary-mysterious-warning debacle.

There's a couple up-and-coming replacements though, which hopefully will be usable soon.

What are the potential replacements for TrueCrypt? Last time the topic showed up on HN, there doesn't seem to be anything that quite fit the bill

It's a question of whom you want to secure it from. If the answer is "the government" I wouldn't even bother. If it's just from snooping, I find it very hard to believe TrueCrypt is not sufficient.

"The government" is not a single entity. I'd prefer to secure it from "The government", except the very high end of the agency. There is alot of difference between being a target like DPR of Silkroad, and having your electronics confiscated by a local police department (the former likely won't happen without you knowing it, at which point you will have to change your threat model. But there is a non trivial chance over your lifetime that the latter will happen just-because.)

I use macjournal. It is worth every penny.

http://marinersoftware.com/products/macjournal/

It uses AES-256.

Similar safety constraints as email, it seems. If you trust your email hosting solution, whichever it may be, why not just email yourself?

That's not true. By default (to be useful), email are expected to be read by at least one other party. Further more, since the security ability of the other party is unknown, it's expected that any email you send can be forwarded around.

Also, any level of law enforcement can probably get their hand on a copy of emails ...